Topic: NXT :: descendant of Bitcoin - Updated Information - page 1908. (Read 2761645 times)
T- 2hrs 40mins
Wouldn't aliases still be vulnerable to single-char typo errors?
EDIT: This kind of error is ok for URLs, you see a wrong site, just retype. But not ok for things that can cause big changes, like transaction addresses. Bitcoin client GUIs partially solve (or maybe go around is a better way of describing it) this by letting the user set up addresses in advance (and assigning readable labels to those addresses), so that checking accuracy of address only needs to be done one for each unique address.
EDIT: This kind of error is ok for URLs, you see a wrong site, just retype. But not ok for things that can cause big changes, like transaction addresses. Bitcoin client GUIs partially solve (or maybe go around is a better way of describing it) this by letting the user set up addresses in advance (and assigning readable labels to those addresses), so that checking accuracy of address only needs to be done one for each unique address.
There must be CRC added into addresses ASAP!
I agree. I thought about this recently and not found any reasons why we can't add the "check digit" to verify the account (as example GS-1, IBAN, etc).Use Alias System.
There must be CRC added into addresses ASAP!
I agree. I thought about this recently and not found any reasons why we can't add the "check digit" to verify the account (as example GS-1, IBAN, etc).isn't it the same with BTC?
What is this passphrase thing in 0.4.8?
There must be CRC added into addresses ASAP!
I agree. I thought about this recently and not found any reasons why we can't add the "check digit" to verify the account (as example GS-1, IBAN, etc). isn't a password, that is generated by such a tool, insecure?
Why would you think so? Every time you run the tool OpenSSL RNG is properly seeded and 16-character random prefix is generated, which becomes part of the account password. I personally do not see any issue with this.
I'm also planning to add some minor features and release the source code so anyone can audit.
OK, guys, this is important, please don’t skip over.
This is in relation to https://bitcointalksearch.org/topic/m.4278460 (14699 NXT were sent to an erroneous account number).
1. After a lot of thinking and recalling, I am now 99.9% sure this wasn't my mistake:
a) I am a programmer with OCD, most of you here know what I mean: we obsess about tiniest details and double, triple check everything, especially something as important as sending a big chunk of money.
b) I have a 2-monitor machine, so backend form was on one screen and NXT client on the other. I moved my eyes at least 3-4 times between these two forms to make sure everything is correct. And the address is the most important part.
c) The address is long and starts with 1 (easily noticeable digit), erroneous account is shorter and starts with 4. I would have definitely noticed it by comparing 2 forms side-by-side.
d) I couldn't find any source from where this erroneous number could have gotten into my clipboard. All my passwords and passphrases are alphanumeric. There are no transactions in my history with this hash.
e) Other people apparently reported similar behavior.
This brings me to my second point:
2. This was most probably the software error. Come to think of it, it was silly to start using the system for real money this early in development! We should have all been on a testnet!
Now, this wouldn't be such a problem if I were one of the original stakeholders. Then I would have plenty of these monopoly money to cover any glitches.
But I missed out on that by like a week. So now these monopoly money turns into very real $1200 for me, which I simply cannot afford to pay, at least not right now. And not for something I am not responsible for. I am already paying for everything out of my own pocket: server, withdrawal fees, etc.
If this person thought it was Ok to send $1200 worth of money to an exchange 2 days old, built on top of a beta system, which haven’t even released the source code yet – then they must have prepared to take any possible losses. That’s what I do, except in my case the amounts are approximately two orders of magnitude smaller!
I thought about closing the exchange, but it’s a nice project and people seem to like it.
So the exchange stays operational. From now on I will save a screenshot right before I click “send” to make absolutely sure this wasn't my mistake if this ever happens again.
Also, if you deposit any money, you are on your own, no guarantees. This is a “best effort” service, because it’s built on top of such an unstable technology.
That said, if my exchange ever starts to bring serious money, here is my public promise to repay this erroneous transaction.
And this brings me to my final point:
3. This has to stop. There must be CRC added into addresses ASAP! Imagine the amount of grief this would cause, when the system hits the wild and people start losing money due to glitches or typos!
Allowing to send money to an arbitrary number is ridiculous! What if some guy buys a car and his money are now forever locked, due to a simple typo or a glitch?
Or there should be an easy mechanism to return these unclaimed funds back into account.
CRC will also protect against bugs, because other nodes will reject an erroneous address, even if one node thinks it is Ok.
This is in relation to https://bitcointalksearch.org/topic/m.4278460 (14699 NXT were sent to an erroneous account number).
1. After a lot of thinking and recalling, I am now 99.9% sure this wasn't my mistake:
a) I am a programmer with OCD, most of you here know what I mean: we obsess about tiniest details and double, triple check everything, especially something as important as sending a big chunk of money.
b) I have a 2-monitor machine, so backend form was on one screen and NXT client on the other. I moved my eyes at least 3-4 times between these two forms to make sure everything is correct. And the address is the most important part.
c) The address is long and starts with 1 (easily noticeable digit), erroneous account is shorter and starts with 4. I would have definitely noticed it by comparing 2 forms side-by-side.
d) I couldn't find any source from where this erroneous number could have gotten into my clipboard. All my passwords and passphrases are alphanumeric. There are no transactions in my history with this hash.
e) Other people apparently reported similar behavior.
This brings me to my second point:
2. This was most probably the software error. Come to think of it, it was silly to start using the system for real money this early in development! We should have all been on a testnet!
Now, this wouldn't be such a problem if I were one of the original stakeholders. Then I would have plenty of these monopoly money to cover any glitches.
But I missed out on that by like a week. So now these monopoly money turns into very real $1200 for me, which I simply cannot afford to pay, at least not right now. And not for something I am not responsible for. I am already paying for everything out of my own pocket: server, withdrawal fees, etc.
If this person thought it was Ok to send $1200 worth of money to an exchange 2 days old, built on top of a beta system, which haven’t even released the source code yet – then they must have prepared to take any possible losses. That’s what I do, except in my case the amounts are approximately two orders of magnitude smaller!
I thought about closing the exchange, but it’s a nice project and people seem to like it.
So the exchange stays operational. From now on I will save a screenshot right before I click “send” to make absolutely sure this wasn't my mistake if this ever happens again.
Also, if you deposit any money, you are on your own, no guarantees. This is a “best effort” service, because it’s built on top of such an unstable technology.
That said, if my exchange ever starts to bring serious money, here is my public promise to repay this erroneous transaction.
And this brings me to my final point:
3. This has to stop. There must be CRC added into addresses ASAP! Imagine the amount of grief this would cause, when the system hits the wild and people start losing money due to glitches or typos!
Allowing to send money to an arbitrary number is ridiculous! What if some guy buys a car and his money are now forever locked, due to a simple typo or a glitch?
Or there should be an easy mechanism to return these unclaimed funds back into account.
CRC will also protect against bugs, because other nodes will reject an erroneous address, even if one node thinks it is Ok.
Send me NRS u used to send the money.
Edit: Also PM me with the address u was going to send it to and the address it went.
When will we see the code?
Any one have the link to the script / instructions one guy posted here to create a vanity address?
This one (https://bitcointalksearch.org/topic/m.3735874
Hello folks. I am new here and don't have NXTs yet, but instead of just asking to send me some I figured I'd give something in return
I've noticed in the other thread there's been some discussion on generating short addresses. I've made a tool that could help with this; it is also much faster than the Java one posted before. It's free and you can grab it here (Windows binaries): https://mega.co.nz/#!9MkAWQ4Z!bz3BFCsVRSK_4Euhn8c-aj-umjstTsCe7-VYEcCYTEY
To use open command-line window and run it:
(Please use 64-bit binary whenever possible; it's like 3x faster than 32-bit one)
By default it'll use all available cores; if you'd rather limit it's appetite just specify number of threads to use on the command line:
That's it. When running, it will print out gradually decreasing account numbers and their passwords, e.g.:
As a bonus you can be sure that password is secure - it is composed of per-thread 16-character random prefix and random suffix of length 1 to 8.
Now, back to the opening point. If you find the tool useful and/or fun please consider sending few tokens of appreciation to account number 86533079761. Thanks
I've noticed in the other thread there's been some discussion on generating short addresses. I've made a tool that could help with this; it is also much faster than the Java one posted before. It's free and you can grab it here (Windows binaries): https://mega.co.nz/#!9MkAWQ4Z!bz3BFCsVRSK_4Euhn8c-aj-umjstTsCe7-VYEcCYTEY
To use open command-line window and run it:
Code:
vanitygen_64.exe
(Please use 64-bit binary whenever possible; it's like 3x faster than 32-bit one)
By default it'll use all available cores; if you'd rather limit it's appetite just specify number of threads to use on the command line:
Code:
vanitygen_64.exe 4
That's it. When running, it will print out gradually decreasing account numbers and their passwords, e.g.:
Code:
vanitygen_64.exe
[INFO] Starting 8 threads
15009743058317697570 : y8STsQWFLrJdppA5a
8807430648790207560 : y8STsQWFLrJdppA5b
5543702425770590042 : y8STsQWFLrJdppA5e
4563227042031644694 : y8STsQWFLrJdppA5m
2468317089560679877 : y8STsQWFLrJdppA5n
1230545437077878814 : y8STsQWFLrJdppA5q
402070472249934524 : y8STsQWFLrJdppA5la
358878014600910499 : y8STsQWFLrJdppA52b
111599722390937162 : y8STsQWFLrJdppA5xc
4162604383777782 : y8STsQWFLrJdppA59d
1045538533307963 : Zvbiy6fWI5dJRf7PLb
355803997527307 : V1dI8dy1ga4EQ1AiSX
316999220293974 : V1dI8dy1ga4EQ1AiQPa
170275345701186 : y8STsQWFLrJdppA5mxb
[INFO] Starting 8 threads
15009743058317697570 : y8STsQWFLrJdppA5a
8807430648790207560 : y8STsQWFLrJdppA5b
5543702425770590042 : y8STsQWFLrJdppA5e
4563227042031644694 : y8STsQWFLrJdppA5m
2468317089560679877 : y8STsQWFLrJdppA5n
1230545437077878814 : y8STsQWFLrJdppA5q
402070472249934524 : y8STsQWFLrJdppA5la
358878014600910499 : y8STsQWFLrJdppA52b
111599722390937162 : y8STsQWFLrJdppA5xc
4162604383777782 : y8STsQWFLrJdppA59d
1045538533307963 : Zvbiy6fWI5dJRf7PLb
355803997527307 : V1dI8dy1ga4EQ1AiSX
316999220293974 : V1dI8dy1ga4EQ1AiQPa
170275345701186 : y8STsQWFLrJdppA5mxb
As a bonus you can be sure that password is secure - it is composed of per-thread 16-character random prefix and random suffix of length 1 to 8.
Now, back to the opening point. If you find the tool useful and/or fun please consider sending few tokens of appreciation to account number 86533079761. Thanks
isn't a password, that is generated by such a tool, insecure?
OK, guys, this is important, please don’t skip over.
This is in relation to https://bitcointalksearch.org/topic/m.4278460 (14699 NXT were sent to an erroneous account number).
1. After a lot of thinking and recalling, I am now 99.9% sure this wasn't my mistake:
a) I am a programmer with OCD, most of you here know what I mean: we obsess about tiniest details and double, triple check everything, especially something as important as sending a big chunk of money.
b) I have a 2-monitor machine, so backend form was on one screen and NXT client on the other. I moved my eyes at least 3-4 times between these two forms to make sure everything is correct. And the address is the most important part.
c) The address is long and starts with 1 (easily noticeable digit), erroneous account is shorter and starts with 4. I would have definitely noticed it by comparing 2 forms side-by-side.
d) I couldn't find any source from where this erroneous number could have gotten into my clipboard. All my passwords and passphrases are alphanumeric. There are no transactions in my history with this hash.
e) Other people apparently reported similar behavior.
This brings me to my second point:
2. This was most probably the software error. Come to think of it, it was silly to start using the system for real money this early in development! We should have all been on a testnet!
Now, this wouldn't be such a problem if I were one of the original stakeholders. Then I would have plenty of these monopoly money to cover any glitches.
But I missed out on that by like a week. So now these monopoly money turns into very real $1200 for me, which I simply cannot afford to pay, at least not right now. And not for something I am not responsible for. I am already paying for everything out of my own pocket: server, withdrawal fees, etc.
If this person thought it was Ok to send $1200 worth of money to an exchange 2 days old, built on top of a beta system, which haven’t even released the source code yet – then they must have prepared to take any possible losses. That’s what I do, except in my case the amounts are approximately two orders of magnitude smaller!
I thought about closing the exchange, but it’s a nice project and people seem to like it.
So the exchange stays operational. From now on I will save a screenshot right before I click “send” to make absolutely sure this wasn't my mistake if this ever happens again.
Also, if you deposit any money, you are on your own, no guarantees. This is a “best effort” service, because it’s built on top of such an unstable technology.
That said, if my exchange ever starts to bring serious money, here is my public promise to repay this erroneous transaction.
And this brings me to my final point:
3. This has to stop. There must be CRC added into addresses ASAP! Imagine the amount of grief this would cause, when the system hits the wild and people start losing money due to glitches or typos!
Allowing to send money to an arbitrary number is ridiculous! What if some guy buys a car and his money are now forever locked, due to a simple typo or a glitch?
Or there should be an easy mechanism to return these unclaimed funds back into account.
CRC will also protect against bugs, because other nodes will reject an erroneous address, even if one node thinks it is Ok.
This is in relation to https://bitcointalksearch.org/topic/m.4278460 (14699 NXT were sent to an erroneous account number).
1. After a lot of thinking and recalling, I am now 99.9% sure this wasn't my mistake:
a) I am a programmer with OCD, most of you here know what I mean: we obsess about tiniest details and double, triple check everything, especially something as important as sending a big chunk of money.
b) I have a 2-monitor machine, so backend form was on one screen and NXT client on the other. I moved my eyes at least 3-4 times between these two forms to make sure everything is correct. And the address is the most important part.
c) The address is long and starts with 1 (easily noticeable digit), erroneous account is shorter and starts with 4. I would have definitely noticed it by comparing 2 forms side-by-side.
d) I couldn't find any source from where this erroneous number could have gotten into my clipboard. All my passwords and passphrases are alphanumeric. There are no transactions in my history with this hash.
e) Other people apparently reported similar behavior.
This brings me to my second point:
2. This was most probably the software error. Come to think of it, it was silly to start using the system for real money this early in development! We should have all been on a testnet!
Now, this wouldn't be such a problem if I were one of the original stakeholders. Then I would have plenty of these monopoly money to cover any glitches.
But I missed out on that by like a week. So now these monopoly money turns into very real $1200 for me, which I simply cannot afford to pay, at least not right now. And not for something I am not responsible for. I am already paying for everything out of my own pocket: server, withdrawal fees, etc.
If this person thought it was Ok to send $1200 worth of money to an exchange 2 days old, built on top of a beta system, which haven’t even released the source code yet – then they must have prepared to take any possible losses. That’s what I do, except in my case the amounts are approximately two orders of magnitude smaller!
I thought about closing the exchange, but it’s a nice project and people seem to like it.
So the exchange stays operational. From now on I will save a screenshot right before I click “send” to make absolutely sure this wasn't my mistake if this ever happens again.
Also, if you deposit any money, you are on your own, no guarantees. This is a “best effort” service, because it’s built on top of such an unstable technology.
That said, if my exchange ever starts to bring serious money, here is my public promise to repay this erroneous transaction.
And this brings me to my final point:
3. This has to stop. There must be CRC added into addresses ASAP! Imagine the amount of grief this would cause, when the system hits the wild and people start losing money due to glitches or typos!
Allowing to send money to an arbitrary number is ridiculous! What if some guy buys a car and his money are now forever locked, due to a simple typo or a glitch?
Or there should be an easy mechanism to return these unclaimed funds back into account.
CRC will also protect against bugs, because other nodes will reject an erroneous address, even if one node thinks it is Ok.
Could you please explain the punishment mechanism?
It's not enabled yet. We r activating different aspects of TF step by step.
something wrong with the new nxt client 0.4.8
i 'm trying send money from my old account to the new one
i click send ...the client respond "wrong paraphrase" ....no where to fill the pass
i 'm trying send money from my old account to the new one
i click send ...the client respond "wrong paraphrase" ....no where to fill the pass
Clean browser cache.
Based on which API documentation?
getAccountPublicKeyWhich returns the PublicKey I assume. I fail to see how using this command can help to implement support for TF in clients.
Let me get my point over: Client developers need an API that is well documented. This includes list of parameters and return values, with types, max. lengths, etc., explanations of what a command does and examples to get things into context.
Sorry, I was busy. Here is an extended explanation:
1. Do http://localhost:7874/nxt?requestType=getState to get value of "lastBlock"
2. Do http://localhost:7874/nxt?requestType=getBlock&block=10621696942372068326 (assuming 10621696942372068326 is the value of "lastBlock")
3. Convert "generationSignature" into binary and append public key bytes returned by getAccountPublicKey
4. Calculate SHA256(generationSignature, publicKey)
5. First 8 bytes as unsigned long in little-endian notation is HIT
6. Value of "baseTarget" multiplied by effective balance of the account is STATIC_TARGET
7. Do steps 3-6 for each account and find the one with lowest HIT/STATIC_TARGET ratio, this account will forge next block
Could you please explain the punishment mechanism?
Why is everyone selling? 
no everyone. i need some money for party 
Any one have the link to the script / instructions one guy posted here to create a vanity address?
This one (https://bitcointalksearch.org/topic/m.3735874
Hello folks. I am new here and don't have NXTs yet, but instead of just asking to send me some I figured I'd give something in return
I've noticed in the other thread there's been some discussion on generating short addresses. I've made a tool that could help with this; it is also much faster than the Java one posted before. It's free and you can grab it here (Windows binaries): https://mega.co.nz/#!9MkAWQ4Z!bz3BFCsVRSK_4Euhn8c-aj-umjstTsCe7-VYEcCYTEY
To use open command-line window and run it:
(Please use 64-bit binary whenever possible; it's like 3x faster than 32-bit one)
By default it'll use all available cores; if you'd rather limit it's appetite just specify number of threads to use on the command line:
That's it. When running, it will print out gradually decreasing account numbers and their passwords, e.g.:
As a bonus you can be sure that password is secure - it is composed of per-thread 16-character random prefix and random suffix of length 1 to 8.
Now, back to the opening point. If you find the tool useful and/or fun please consider sending few tokens of appreciation to account number 86533079761. Thanks
I've noticed in the other thread there's been some discussion on generating short addresses. I've made a tool that could help with this; it is also much faster than the Java one posted before. It's free and you can grab it here (Windows binaries): https://mega.co.nz/#!9MkAWQ4Z!bz3BFCsVRSK_4Euhn8c-aj-umjstTsCe7-VYEcCYTEY
To use open command-line window and run it:
Code:
vanitygen_64.exe
(Please use 64-bit binary whenever possible; it's like 3x faster than 32-bit one)
By default it'll use all available cores; if you'd rather limit it's appetite just specify number of threads to use on the command line:
Code:
vanitygen_64.exe 4
That's it. When running, it will print out gradually decreasing account numbers and their passwords, e.g.:
Code:
vanitygen_64.exe
[INFO] Starting 8 threads
15009743058317697570 : y8STsQWFLrJdppA5a
8807430648790207560 : y8STsQWFLrJdppA5b
5543702425770590042 : y8STsQWFLrJdppA5e
4563227042031644694 : y8STsQWFLrJdppA5m
2468317089560679877 : y8STsQWFLrJdppA5n
1230545437077878814 : y8STsQWFLrJdppA5q
402070472249934524 : y8STsQWFLrJdppA5la
358878014600910499 : y8STsQWFLrJdppA52b
111599722390937162 : y8STsQWFLrJdppA5xc
4162604383777782 : y8STsQWFLrJdppA59d
1045538533307963 : Zvbiy6fWI5dJRf7PLb
355803997527307 : V1dI8dy1ga4EQ1AiSX
316999220293974 : V1dI8dy1ga4EQ1AiQPa
170275345701186 : y8STsQWFLrJdppA5mxb
[INFO] Starting 8 threads
15009743058317697570 : y8STsQWFLrJdppA5a
8807430648790207560 : y8STsQWFLrJdppA5b
5543702425770590042 : y8STsQWFLrJdppA5e
4563227042031644694 : y8STsQWFLrJdppA5m
2468317089560679877 : y8STsQWFLrJdppA5n
1230545437077878814 : y8STsQWFLrJdppA5q
402070472249934524 : y8STsQWFLrJdppA5la
358878014600910499 : y8STsQWFLrJdppA52b
111599722390937162 : y8STsQWFLrJdppA5xc
4162604383777782 : y8STsQWFLrJdppA59d
1045538533307963 : Zvbiy6fWI5dJRf7PLb
355803997527307 : V1dI8dy1ga4EQ1AiSX
316999220293974 : V1dI8dy1ga4EQ1AiQPa
170275345701186 : y8STsQWFLrJdppA5mxb
As a bonus you can be sure that password is secure - it is composed of per-thread 16-character random prefix and random suffix of length 1 to 8.
Now, back to the opening point. If you find the tool useful and/or fun please consider sending few tokens of appreciation to account number 86533079761. Thanks
something wrong with the new nxt client 0.4.8
i 'm trying send money from my old account to the new one
i click send ...the client respond "wrong paraphrase" ....no where to fill the pass
i 'm trying send money from my old account to the new one
i click send ...the client respond "wrong paraphrase" ....no where to fill the pass
Clean browser cache.
just go to dgex.com
thx
thx
pffff okay I will sell you 33333NXT for 2.5BTC. It means 0.000075BTC each! comeon free money guys!!!!!
-Lophiea
-Lophiea
I have a question about colored coins.
Will it be possible to generate let's say 3 turtlecoins (each with the value of 10 NXT), print a QR-code for each of them, go to the next petshop, give the 3 QR-codes to the petshop and get 3 turtles?
petshop redeems QR-codes and can exchange turtlecoins to NXT within his account?
Will it be possible to generate let's say 3 turtlecoins (each with the value of 10 NXT), print a QR-code for each of them, go to the next petshop, give the 3 QR-codes to the petshop and get 3 turtles?
petshop redeems QR-codes and can exchange turtlecoins to NXT within his account?
Jump to: